CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2026/01/09 12:37 p.m.•7 views

CVE-2023-49447

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/nav/update...

8.8CVSS7.5AI score0.00268EPSS

Exploits1References1

ATTACKERKB•added 2023/12/05 3:15 p.m.•3 views

CVE-2023-49447

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/nav/update...

8.8CVSS7.3AI score0.00268EPSS

Exploits1References2

NVD•added 2023/12/05 3:15 p.m.•9 views

CVE-2023-49447

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/nav/update...

8.8CVSS0.00268EPSS

Exploits1References1

CVE•added 2023/12/05 12:0 a.m.•38 views

CVE-2023-49447

Affected software and issue: JFinalCMS v5.0.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the /admin/nav/update component, due to insufficient validation of whether a request originates from a trusted user. Impact (as described): The vulnerability can enable an attacker to forge...

8.8CVSS8.8AI score0.00268EPSS

Exploits1References1Affected Software1